Merge pull request #279 from gffletch/Sub-description

Improve `sub` claim description in transaction tokens

Author: tulshi

draft-ietf-oauth-transaction-tokens.md

@@ -334,7 +334,7 @@ JWT claims as well as defines new claims. These claims are described below:
 : REQUIRED A unique transaction identifier as defined in Section 2.2 of {{RFC8417}}.
 
 `sub`:
-: REQUIRED A unique identifier for the subject within the context of the `aud` Trust Domain.
+: REQUIRED This claim represents the principal of the transaction as defined by Section 4.1.2 of {{RFC7519}}. The value MUST be unique within the context of the `aud` Trust Domain. Note: Unlike OpenID Connect, the `sub` claim is NOT associated with the `iss` claim.
 
 `scope`:
 : REQUIRED The scope claim is defined in {{Section 4.2 of RFC8693}}. Note that the value of this claim is determined by the Transaction Token Service and is not required to match the requested scope nor the scope in any supplied external token.
@@ -719,6 +719,7 @@ The authors would like to thank the contributors and the OAuth working group mem
 * Editorial updates (https://github.com/oauth-wg/oauth-transaction-tokens/issues/204)
 * Removed the requirement to encode parameters in based64url format
 * Rename the `purpose` claim to `scope`
+* Enhanced the description of the `sub` claim addressing issue #225
 * Removed references to replacing transaction tokens, and added a note in the Security Considerations to clarify replacement concerns.
 * Editorial comments from Joe Saloway (https://github.com/oauth-wg/oauth-transaction-tokens/issues/219)
 * Clarify request_details (https://github.com/oauth-wg/oauth-transaction-tokens/issues/197)